A vulnerability was found in the Linux kernel if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic. References: https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin#_CVE-2018-11987 Upstream patch: https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=5e9ffcfa152ecb2832990c42fcd8a0f2e63c2c04
Based on the references, this looks to be in android drivers. Can you confirm the upstream kernel is affected?
(In reply to Nicholas Luedtke from comment #1) > Based on the references, this looks to be in android drivers. Can you > confirm the upstream kernel is affected? Hi Nicholas, we are currently analyzing the issue to see if there's any chance it could affect our kernels. We'll update the bug with the results afterwards.
Andrej, do you know if there was any conclusion on the affected status for affecting mainline kernel?
(In reply to Salvatore Bonaccorso from comment #3) > Andrej, do you know if there was any conclusion on the affected status for > affecting mainline kernel? Hi Salvatore, unfortunately we weren't able to dig into this further because of Christmas. There will be an update to this bug as soon as analysis is done.